The malware was developed from code used for older campaigns and so it also goes for the obvious steady revenue generation through illicit mining.

Cryptojacking has solidified into good practice in the business of commercial malware, and so this particular one also taps into your laptop’s power to mining Monero. It also adds Koto, a lesser-known Japanese cryptocoin, that supports GPU mining.

What it does

Crypto mining is not dangerous, the real danger of this malware (dubbed CookieMiner) lies in its other areas of focus:

If you have iTunes backups for your iPhone, it will also get your text messages.

This combination of credentials will probably allow the CookieMiner authors to get around multi-factor authentication on crypto exchanges and web wallets.

The malware comes with a script that gives the attacker remote control over your Mac and potentially can remain hidden for a good amount of time, patiently waiting until all necessary credentials are collected to exploit your exchange and wallet accounts.

The attacker could also leverage their remote access to later install a keylogger, while profiting from the crypto mining in the meantime.

How to protect your crypto

The report doesn’t mention in what kind of campaign this malware spreads.

There have been several major phishing mail blasts lately, some even very legitimate looking job offers with malicious documents in attachments.

The advice here is to be vigilant about what you click on in your e-mails. If you’re getting an attachment from someone you don’t know, try and request a Google Docs invite instead.

Similar level of attention should go to downloading new wallets and apps, perhaps for your airdrops.